Cyber Basics
What is a virus that self-replicates and spreads to other computers?
A worm
True or False: Using public Wi-Fi for online banking and shopping is considered safe as long as you use a VPN
False (VPN can add a layer of security, public Wi-Fi networks are still vulnerable to various threats, and it's best to avoid conducting sensitive transactions on them)
Name a website where you would go to improve your technical 'hacking' skills.
1. HackTheBox
2. TryHackMe
In the 2019 Capital One breach, attackers exploited a misconfiguration in a cloud service to gain unauthorized access to customer data. What specific cloud service was involved?
Amazon Web Services (AWS) S3 bucket
This organization provides a structured approach for organizations to manage and reduce cybersecurity risk. What is the name of the organization?
National Institute of Standards and Technology (NIST)
How do VPN's work?
1. Creates an encrypted tunnel where data is passed through
2. Masks your IP address to protect your identity online
What does zero-day exploit mean?
Refers to a vulnerability that is unknown to the software vendor and has no available patch
True or False: It’s safe to use the same password across different sites as long as it is complex and unique.
False (Using unique passwords for each site is recommended to limit risk if one account is compromised)
This 2017 global cyberattack used the _________ ransomware to encrypt data on infected systems and demand payment in Bitcoin for decryption?
WannaCry
What breakthrough in encryption standards, adopted in 2001, offers a robust method for protecting sensitive information and has become the gold standard for secure data encryption worldwide?
Advanced Encryption Standard (AES)
What does the acronym "DDoS" stand for in the context of cyberattacks?
Distributed Denial of Service
What is the term that refers to an attacker intercepting and possibly altering communication between two parties who believe they are directly communicating with each other?
Man-in-the-middle attack
What is the practice of setting up a separate, secure environment for performing sensitive operations to reduce the risk of exposure?
Secure Environment or Sandbox
What was the name of the first known computer virus, which was created in 1971 and had the ability to replicate itself across a network?
Creeper Virus
In the world of cybersecurity, which innovation dramatically changed the way data is protected online by creating a system where keys are used to encrypt and decrypt information without ever sharing the keys themselves?
Public and private keys
What are common types of cyber threats that individuals and organizations face?
Malware, phishing, ransomware, DDoS attacks, etc.
This malware hides itself within legitimate software to avoid detection and can perform harmful actions without the user's knowledge.
Trojan Horse
What security measure involves restricting user access to only the data and resources necessary for their job role?
Principle of Least Privilege
The 2013 Target data breach, which affected millions of credit and debit card holders, involved the use of stolen credentials. How did the attackers initially gain access to Target’s network?
The attackers obtained credentials through a compromised third-party vendor, which provided access to Target’s network.
What technology, which first appeared in the early 2000s, enhances device security by creating a hardware-based environment for storing sensitive information?
Trusted Platform Module (TPM)
How can you identify phishing emails and protect yourself from phishing attacks?
By checking sender's email address, avoiding clicking on suspicious links, and verifying requests for sensitive information
How do social engineering attacks exploit psychological manipulation?
Social engineering attacks exploit psychological manipulation by preying on human emotions and behaviors, such as fear or trust, to deceive individuals into divulging confidential information.
Why is it important to have a cybersecurity incident response plan?
A cybersecurity incident response plan is crucial for quickly and effectively addressing and mitigating the impact of a security breach
How can organizations leverage threat intelligence to anticipate and defend against emerging cyber threats?
Analyzing trends, indicators of compromise, and attack patterns to proactively address vulnerabilities and enhance defensive measures
What are the potential societal impacts of widespread adoption of artificial intelligence in cybersecurity?
The widespread adoption of AI in cybersecurity can lead to more efficient threat detection and response, but it also raises concerns about bias in AI models, the potential for adversarial attacks on AI systems, and the ethical implications of AI-driven decisions.